Incorrect warning: Unnecessary unsafe block

[Boscop]

This warning is incorrect. It says for both unsafe blocks that they are unnecessary, and when either of the unsafe keywords is removed, it gives an error (of course).
It wrongly says that the first block is nested under the second unsafe block.

Before (nightly at end of January) this warning didn't occur.

[Boscop]

Ah, nevermind, it occurs only when the macro is called in the context of another unsafe block, like:

arr![arr![None; 128]; 16]

Still, it should detect this, and not display the warning.

[gnzlbg]

This is not an enhancement, this is a regression. As mentioned by the OP, this warning didn't used to occur.

[gnzlbg]

Are there any simple workarounds for this warning? #[allow(unused_unsafe)] doesn't work on expressions.

[gnzlbg]

So the workarounds is to turn this code:

unsafe { ... } // expression

into this:

{
    #[allow(unused_unsafe)]
    let tmp = unsafe { ... };
    tmp
}

[hallya]

same issue, not sure how to fix it in this case:

.map(|_| {
  if unsafe { js_sys::Math::random() < 0.5 } {
    Cell::Alive
  } else {
    Cell::Dead
  }
})
.collect();

[steffahn]

Is there any actual issue being reported here? If yes, what’s the code to reproduce it and what’s the actual issue?

[kpreid]

what’s the code to reproduce it and what’s the actual issue?

I thought I'd help out by retyping (and modernizing) the code and error from the original screenshot:

macro_rules! arr {
    ($item:expr; $n:expr) => {
        {
            let mut array_uninit: [_; $n] =
                [::core::mem::MaybeUninit::uninit(); $n];
            for x in &mut array_uninit {
                unsafe { ::core::ptr::write(x.as_mut_ptr(), $item) };
            }
            array_uninit.map(|mu| unsafe { mu.assume_init() })
        }
    }
}

fn main() {
    dbg!(
        arr![arr![5; 3]; 2]
    );
}

This produces the following warnings (on stable 1.60.0):

Warnings

warning: unnecessary `unsafe` block
  [--> src/main.rs:7:17
](https://play.rust-lang.org/#)   |
7  |                 unsafe { ::core::ptr::write(x.as_mut_ptr(), $item) };
   |                 ^^^^^^
   |                 |
   |                 unnecessary `unsafe` block
   |                 because it's nested under this `unsafe` block
...
16 |         arr![arr![5; 3]; 2]
   |              ---------- in this macro invocation
   |
   = note: `#[warn(unused_unsafe)]` on by default
   = note: this warning originates in the macro `arr` (in Nightly builds, run with -Z macro-backtrace for more info)

warning: unnecessary `unsafe` block
  [--> src/main.rs:9:35
](https://play.rust-lang.org/#)   |
7  |                 unsafe { ::core::ptr::write(x.as_mut_ptr(), $item) };
   |                 ------ because it's nested under this `unsafe` block
8  |             }
9  |             array_uninit.map(|mu| unsafe { mu.assume_init() })
   |                                   ^^^^^^ unnecessary `unsafe` block
...
16 |         arr![arr![5; 3]; 2]
   |              ---------- in this macro invocation
   |
   = note: this warning originates in the macro `arr` (in Nightly builds, run with -Z macro-backtrace for more info)

That is, the stated problem still reproduces. However, thinking about what's going on here, this code is hazardous and should be improved: the macro is evaluating $item in an unsafe block, even though it probably shouldn't, and the warning appears because the inner macro call is in an unsafe block provided by the outer macro call. The warning doesn't explain this, but it is reflective of an actual problem. The warning (and the hazard) can be removed by using a temporary for evaluating $item, so that it is not inside an unsafe block:

                let item = $item;
                unsafe { ::core::ptr::write(x.as_mut_ptr(), item) };

So, not-a-bug? Well, even with this fix, the arr! macro will still cause a warning if it is used within any unsafe block, which seems suboptimal, since the caller may have reason to do so (unsafe { arr![some_unsafe_fn(); 3] }). I'm not sure suppressing this warning whenever it appears would be best, though. A better semantics might be some kind of “unsafe hygiene”, where the macro body is not interpreted as unsafe simply due to the caller's enclosing use of unsafe, but that would raise further issues for code generation that isn't as simple as pasting expressions into other expressions, and it isn't exactly an A-diagnostics issue.

[steffahn]

So, not-a-bug? Well, even with this fix, the arr! macro will still cause a warning if it is used within any unsafe block, which seems suboptimal, since the caller may have reason to do so (unsafe { arr![some_unsafe_fn(); 3] }).

I think that’s essentially “working as intended”, for now.

Something like

macro_rules! arr {
    ($item:expr; $n:expr) => {
        {
            let mut array_uninit: [_; $n] =
                [::core::mem::MaybeUninit::uninit(); $n];
            for x in &mut array_uninit {
                let item = $item;
                #[allow(unused_unsafe)]
                unsafe { ::core::ptr::write(x.as_mut_ptr(), item) };
            }
            #[allow(unused_unsafe)]
            array_uninit.map(|mu| unsafe { mu.assume_init() })
        }
    }
}

should work fine. (Ignoring the soundness problem of possible break or continue in the $item expression. And the fact that previous items are leaked on panic.)

And a larger unsafe hygiene featire for macros is likely going to be more than just “diagnostics enhancements” (the current labels of this issue).